This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/QFY0JdkqZACX6DbQrMuCDT111r8.roa File: QFY0JdkqZACX6DbQrMuCDT111r8.roa (raw, json) Hash identifier: 8ei2JwlhItg4y3r3m8oI+dJmgo/uwKKNh5cafYIl8Iw= Subject key identifier: 40:56:34:25:D9:2A:64:00:97:E8:36:D0:AC:CB:82:0D:3D:75:D6:BF Certificate issuer: /CN=880b0f7acb87d134c3859d72d0d1a61e4751bac0 Certificate serial: 019B7DCB4887B5389D41AAAB5B4790810C18 Authority key identifier: 88:0B:0F:7A:CB:87:D1:34:C3:85:9D:72:D0:D1:A6:1E:47:51:BA:C0 Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iAsPesuH0TTDhZ1y0NGmHkdRusA.cer Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/QFY0JdkqZACX6DbQrMuCDT111r8.roa Signing time: Fri 02 Jan 2026 08:20:32 +0000 ROA not before: Fri 02 Jan 2026 08:20:32 +0000 ROA not after: Thu 01 Jul 2027 00:00:00 +0000 asID: 51092 IP address blocks: 185.250.0.0/22 maxlen: 22 185.250.3.0/24 maxlen: 24 2a0c:7bc0::/29 maxlen: 29 Validation: OK Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/iAsPesuH0TTDhZ1y0NGmHkdRusA.crl rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/iAsPesuH0TTDhZ1y0NGmHkdRusA.mft rsync://rpki.ripe.net/repository/DEFAULT/iAsPesuH0TTDhZ1y0NGmHkdRusA.cer rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer Signature path expires: Tue 10 Feb 2026 14:00:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 01:9b:7d:cb:48:87:b5:38:9d:41:aa:ab:5b:47:90:81:0c:18 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=880b0f7acb87d134c3859d72d0d1a61e4751bac0 Validity Not Before: Jan 2 08:20:32 2026 GMT Not After : Jul 1 00:00:00 2027 GMT Subject: CN=40563425d92a640097e836d0accb820d3d75d6bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:d6:fc:cb:88:e3:19:b8:8e:48:1c:ba:98:43: 4a:2e:a0:88:27:56:3c:6a:2a:3e:f1:d6:27:48:20: 1f:32:52:7a:06:1f:e7:b9:19:04:d9:4f:e5:b1:b9: e0:04:3f:ec:27:e8:d4:5b:25:33:28:d0:8a:00:7c: c5:13:71:e6:bc:a0:81:9c:b8:ac:ee:9f:06:f2:74: 63:a4:75:2a:96:c3:2e:9b:a5:36:84:62:92:45:44: f1:1a:90:1d:73:e2:7b:23:52:d5:98:ad:99:0a:17: 11:91:01:0c:48:cb:fd:07:93:56:99:50:b0:05:49: 93:0d:cf:36:7c:38:49:2a:ca:39:68:39:81:c1:18: 71:00:84:52:03:28:52:07:7c:a3:74:f4:98:0e:2c: f6:f4:f8:e5:09:b6:fd:3e:82:89:dd:cd:fc:f6:49: cb:c0:04:27:08:d1:f6:d5:42:39:07:06:31:eb:0a: 8b:7d:52:58:b9:2a:e7:55:9f:d1:a9:06:f3:39:8f: 36:06:1c:a2:ad:32:83:06:7a:4f:a9:b9:b6:fa:22: 72:cf:3d:49:10:ff:23:63:ef:cd:0d:79:77:e8:0a: f9:47:53:4f:dc:b6:cf:16:7d:74:a1:ba:06:3b:2a: 93:e4:f7:9a:a7:5b:24:6a:71:88:a2:b2:3e:15:a0: 59:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:56:34:25:D9:2A:64:00:97:E8:36:D0:AC:CB:82:0D:3D:75:D6:BF X509v3 Authority Key Identifier: keyid:88:0B:0F:7A:CB:87:D1:34:C3:85:9D:72:D0:D1:A6:1E:47:51:BA:C0 X509v3 Key Usage: critical Digital Signature Authority Information Access: CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iAsPesuH0TTDhZ1y0NGmHkdRusA.cer Subject Information Access: Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/QFY0JdkqZACX6DbQrMuCDT111r8.roa X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.ripe.net/repository/DEFAULT/16/445a66-b76b-4b48-a02d-bc289a931b4b/1/iAsPesuH0TTDhZ1y0NGmHkdRusA.crl X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: 185.250.0.0/22 IPv6: 2a0c:7bc0::/29 Signature Algorithm: sha256WithRSAEncryption 6b:c9:09:91:01:63:bc:9a:ef:8f:30:f1:24:05:d3:05:11:52: f6:66:ff:c9:ed:e8:d2:8c:46:08:a1:55:a6:5d:31:fe:64:9d: a7:08:28:e9:33:33:cd:98:80:fd:53:7b:4d:0d:f8:02:8a:ff: b5:10:78:a1:96:28:a5:95:e0:9c:05:2f:fa:a8:3a:d1:4d:9c: 55:5d:ed:ce:a0:12:d4:de:48:74:5e:ef:3e:1a:ac:ec:d4:45: f0:48:94:c8:55:50:53:b5:00:ca:fe:9f:01:b8:61:1f:ec:89: 30:fd:07:f1:74:2c:36:55:c8:cd:84:ec:a8:3b:02:9a:1b:2d: d1:db:ab:5b:fa:06:70:66:95:07:52:11:38:ef:0c:27:03:dd: 10:7e:43:4e:07:99:fb:e6:68:26:b7:4a:f9:9f:4b:db:b5:4b: b1:39:5f:f8:26:04:77:e1:96:0e:45:9b:a9:db:db:3f:42:a8: c9:09:53:5b:0c:0f:98:2d:b2:97:8d:0a:a2:3b:1b:b5:6d:2e: a0:34:67:c5:b5:8d:15:95:7a:99:03:d5:d2:22:68:b9:30:9f: d9:4b:9f:80:0e:5e:d5:14:7d:f1:b9:7d:cf:e7:b6:69:cb:90: b8:8a:7a:36:f2:4a:33:26:d6:d6:7a:05:46:fa:30:9c:b2:72: 51:02:16:37 -----BEGIN CERTIFICATE----- MIIFDDCCA/SgAwIBAgISAZt9y0iHtTidQaqrW0eQgQwYMA0GCSqGSIb3DQEBCwUA MDMxMTAvBgNVBAMTKDg4MGIwZjdhY2I4N2QxMzRjMzg1OWQ3MmQwZDFhNjFlNDc1 MWJhYzAwHhcNMjYwMTAyMDgyMDMyWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD Eyg0MDU2MzQyNWQ5MmE2NDAwOTdlODM2ZDBhY2NiODIwZDNkNzVkNmJmMIIBIjAN BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtb8y4jjGbiOSBy6mENKLqCIJ1Y8 aio+8dYnSCAfMlJ6Bh/nuRkE2U/lsbngBD/sJ+jUWyUzKNCKAHzFE3HmvKCBnLis 7p8G8nRjpHUqlsMum6U2hGKSRUTxGpAdc+J7I1LVmK2ZChcRkQEMSMv9B5NWmVCw BUmTDc82fDhJKso5aDmBwRhxAIRSAyhSB3yjdPSYDiz29PjlCbb9PoKJ3c389knL wAQnCNH21UI5BwYx6wqLfVJYuSrnVZ/RqQbzOY82BhyirTKDBnpPqbm2+iJyzz1J EP8jY+/NDXl36Ar5R1NP3LbPFn10oboGOyqT5Peap1skanGIorI+FaBZ5QIDAQAB o4ICGDCCAhQwHQYDVR0OBBYEFEBWNCXZKmQAl+g20KzLgg09dda/MB8GA1UdIwQY MBaAFIgLD3rLh9E0w4WdctDRph5HUbrAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv c2l0b3J5L0RFRkFVTFQvaUFzUGVzdUgwVFREaFoxeTBOR21Ia2RSdXNBLmNlcjCB jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi80NDVhNjYtYjc2Yi00YjQ4LWEwMmQt YmMyODlhOTMxYjRiLzEvUUZZMEpka3FaQUNYNkRiUXJNdUNEVDExMXI4LnJvYTCB gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv cnkvREVGQVVMVC8xNi80NDVhNjYtYjc2Yi00YjQ4LWEwMmQtYmMyODlhOTMxYjRi LzEvaUFzUGVzdUgwVFREaFoxeTBOR21Ia2RSdXNBLmNybDAYBgNVHSABAf8EDjAM MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCufoAMA0E AgACMAcDBQMqDHvAMA0GCSqGSIb3DQEBCwUAA4IBAQBryQmRAWO8mu+PMPEkBdMF EVL2Zv/J7ejSjEYIoVWmXTH+ZJ2nCCjpMzPNmID9U3tNDfgCiv+1EHihliilleCc BS/6qDrRTZxVXe3OoBLU3kh0Xu8+Gqzs1EXwSJTIVVBTtQDK/p8BuGEf7Ikw/Qfx dCw2VcjNhOyoOwKaGy3R26tb+gZwZpUHUhE47wwnA90QfkNOB5n75mgmt0r5n0vb tUuxOV/4JgR34ZYORZup29s/QqjJCVNbDA+YLbKXjQqiOxu1bS6gNGfFtY0VlXqZ A9XSImi5MJ/ZS5+ADl7VFH3xuX3P57Zpy5C4ino28kozJtbWegVG+jCcsnJRAhY3 -----END CERTIFICATE-----Generated at Mon Feb 9 18:22:31 2026 by rpki-client